[arch-commits] Commit in gnupg/trunk (PKGBUILD)

David Runge dvzrv at gemini.archlinux.org
Mon May 9 10:06:16 UTC 2022 

    Date: Monday, May 9, 2022 @ 10:06:16
  Author: dvzrv
Revision: 444882

upgpkg: gnupg 2.2.35-2: Rebuild to add fix for the use of keys in an automated environment.

The use-case of automated signatures has been broken (see
https://dev.gnupg.org/T5953).
Apply (upstream merged) patch to revert the broken feature addition.
Add AC8E115BF73E2D8D47FA9908E98E9B2D19C6C8BD as additional valid signing key.
The 2.2.35 tarball is signed by both the new key and Werner Koch's
6DAA6E64A76D2840571B4902528897B826403ADA.
Extend the license array to state all used licenses and install any non-common
license files.

Modified:
  gnupg/trunk/PKGBUILD

----------+
 PKGBUILD |   13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2022-05-09 10:04:14 UTC (rev 444881)
+++ PKGBUILD	2022-05-09 10:06:16 UTC (rev 444882)
@@ -7,10 +7,10 @@
 
 pkgname=gnupg
 pkgver=2.2.35
-pkgrel=1
+pkgrel=2
 pkgdesc='Complete and free implementation of the OpenPGP standard'
 url='https://www.gnupg.org/'
-license=('GPL')
+license=(BSD custom CC0 GPL2 GPL3 LGPL3 LGPL2.1 MIT)
 arch=('x86_64')
 checkdepends=('openssh')
 makedepends=('libldap' 'libusb-compat' 'pcsclite')
@@ -26,14 +26,17 @@
 	'031EC2536E580D8EA286A9F22071B08A33BD3F06' # NIIBE Yutaka (GnuPG Release Key) <gniibe at fsij.org>
 	'5B80C5754298F0CB55D8ED6ABCEF7E294B092E28' # Andre Heinecke (Release Signing Key)
 	'6DAA6E64A76D2840571B4902528897B826403ADA' # Werner Koch (dist signing 2020)
+	'AC8E115BF73E2D8D47FA9908E98E9B2D19C6C8BD' # Niibe Yutaka (GnuPG Release Key)
 )
 source=("https://gnupg.org/ftp/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
 				'gnupg-2.2.35-scd-dont-inhibit-ssh-authentication.patch::https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=patch;h=e8fb8e2b3e66d5ea8a3dc90afdc14611abf2c3da'
-        'drop-import-clean.patch'
+				'gnupg-2.2.35-revert_14de7b1e5904e78fcbe413a82d0f19b750bd8830.patch::https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=patch;h=3192939a10df17cb9666773ed8888627f6d16b8d'
+				'drop-import-clean.patch'
 				'avoid-beta-warning.patch')
 sha256sums=('340bc255938971e6e729b3d9956fa2ef4db8215d77693bf300df2bb302498690'
             'SKIP'
             '1b7611a24e813429e56a7d0855c59d33109cb1b59b3586a3dd35935909a493e5'
+            '00aa4897f11900f67e161f538c5322f2f9e65dc5675a760fd298d43d33a259d7'
             '02d375f0045f56f7dd82bacdb5ce559afd52ded8b75f6b2673c39ec666e81abc'
             '22fdf9490fad477f225e731c417867d9e7571ac654944e8be63a1fbaccd5c62d')
 
@@ -47,6 +50,9 @@
 	# https://bugs.archlinux.org/task/74423
 	# https://dev.gnupg.org/T5935
 	patch -p1 -i ../gnupg-2.2.35-scd-dont-inhibit-ssh-authentication.patch
+	# fix issues with signatures in an automated environment (e.g. archlinux-keyring):
+	# https://dev.gnupg.org/T5953
+	patch -Np1 -i ../gnupg-2.2.35-revert_14de7b1e5904e78fcbe413a82d0f19b750bd8830.patch
 
 	# improve reproducibility
 	rm doc/gnupg.info*
@@ -78,6 +84,7 @@
 	ln -s gpgv "${pkgdir}"/usr/bin/gpgv2
 
 	install -Dm 644 doc/examples/systemd-user/*.* -t "${pkgdir}/usr/lib/systemd/user"
+	install -Dm 644 COPYING.{CC0,other} -t "${pkgdir}/usr/share/licenses/$pkgname/"
 }
 
 # vim: ts=2 sw=2 noet:

More information about the arch-commits mailing list